Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/ddda7e-a037-4d38-9555-0a110c49749c/1/xtf9DENXCLiQ8AcljE_Z3JsXx1k.roa
File: xtf9DENXCLiQ8AcljE_Z3JsXx1k.roa (raw, json)
Hash identifier: 3UDRJz/w9cPOm5pp96CLXqHajl/Vrdv+kEEDpm2pD0s=
Subject key identifier: C6:D7:FD:0C:43:57:08:B8:90:F0:07:25:8C:4F:D9:DC:9B:17:C7:59
Certificate issuer: /CN=fad1863cbdec1b596daceeb901a0853d6c87e756
Certificate serial: 018CC492394B176A60B0C8F2B015C658714B
Authority key identifier: FA:D1:86:3C:BD:EC:1B:59:6D:AC:EE:B9:01:A0:85:3D:6C:87:E7:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tGGPL3sG1ltrO65AaCFPWyH51Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/ddda7e-a037-4d38-9555-0a110c49749c/1/xtf9DENXCLiQ8AcljE_Z3JsXx1k.roa
Signing time: Mon 01 Jan 2024 10:29:26 +0000
ROA not before: Mon 01 Jan 2024 10:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202652
IP address blocks: 185.157.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 03 Jan 2024 11:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:39:4b:17:6a:60:b0:c8:f2:b0:15:c6:58:71:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad1863cbdec1b596daceeb901a0853d6c87e756
Validity
Not Before: Jan 1 10:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6d7fd0c435708b890f007258c4fd9dc9b17c759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ec:8c:9d:a1:c8:37:51:49:b8:7d:1b:c8:98:
47:23:8f:ea:d6:0f:46:f7:84:3e:73:b1:e9:55:18:
35:3a:94:8c:f6:80:8d:78:84:c9:b5:54:eb:8f:6c:
74:74:5d:3b:2a:63:3f:a4:86:3e:e3:86:a0:01:ed:
08:f0:01:74:10:38:f3:90:b7:5b:37:ad:c1:56:cf:
51:05:c7:1d:f4:20:ba:4d:a6:38:a9:40:a1:da:dc:
24:46:d2:60:85:69:f6:9f:c9:b8:b9:ea:40:d0:3b:
3e:af:a0:8f:da:27:f3:9f:84:dd:36:f8:8f:93:bd:
c2:db:b2:5c:89:b3:fc:2a:d1:47:27:0a:07:4c:9b:
1d:b9:8c:a1:73:9f:00:a6:08:72:f4:26:29:86:b1:
2f:d8:04:cf:ce:77:2d:41:c2:fb:1f:b3:3a:de:fb:
72:ba:6b:0a:e0:d9:d4:8d:aa:b7:1b:c6:78:ce:2e:
3f:0e:ca:37:39:95:c5:7e:eb:02:0d:af:b1:35:c4:
69:2f:e5:77:ef:e2:bd:f2:58:b6:d0:c1:d8:00:6b:
a7:c4:b7:d1:ff:de:22:77:65:6c:de:00:a9:04:40:
ac:6e:ad:f7:02:e4:b5:3d:d5:da:26:82:bd:ad:af:
bc:1a:a5:c4:7d:b1:0b:e9:bc:f1:7e:28:9b:04:0c:
d6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D7:FD:0C:43:57:08:B8:90:F0:07:25:8C:4F:D9:DC:9B:17:C7:59
X509v3 Authority Key Identifier:
keyid:FA:D1:86:3C:BD:EC:1B:59:6D:AC:EE:B9:01:A0:85:3D:6C:87:E7:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tGGPL3sG1ltrO65AaCFPWyH51Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ddda7e-a037-4d38-9555-0a110c49749c/1/xtf9DENXCLiQ8AcljE_Z3JsXx1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ddda7e-a037-4d38-9555-0a110c49749c/1/1-tGGPL3sG1ltrO65AaCFPWyH51Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.108.0/22
Signature Algorithm: sha256WithRSAEncryption
84:22:28:6a:65:f3:38:9b:2e:91:83:51:8a:db:06:a3:e9:ce:
a5:2d:d2:24:8b:03:61:c5:f9:e9:eb:86:f8:f7:21:43:2f:e6:
87:88:6c:d6:b5:17:95:5a:ea:9c:4c:71:df:85:80:c7:ff:68:
b6:76:01:bf:f2:0b:a7:29:ad:bc:c9:f9:d0:92:ba:15:28:77:
87:9d:a5:32:78:b7:63:c7:34:27:ef:61:6a:e3:b4:e2:55:0e:
74:62:53:d5:e0:8a:91:89:f0:e4:7e:52:2a:74:e3:e4:68:70:
fd:bb:a8:36:57:f2:a7:e8:97:5f:db:57:36:14:4f:b6:89:12:
67:f7:9d:59:db:41:ab:31:74:b4:e4:dd:3b:79:c0:11:82:02:
d1:7a:dc:d5:67:fb:9f:a0:20:5e:f7:79:4f:1d:3f:8e:0e:d6:
a6:a1:d2:0b:80:ed:5b:d7:2a:7a:f8:1d:c1:b9:7d:52:18:7f:
69:af:10:62:46:f0:d2:b7:e3:f7:bd:01:b6:86:c4:d6:d9:98:
17:b1:3d:5b:14:d2:9a:53:a2:a1:6a:04:53:15:5b:6a:76:45:
8b:7a:62:00:6b:d9:1b:c5:80:8b:0e:ee:00:ce:87:77:68:ed:
08:51:18:e5:2b:16:d4:39:b7:27:30:aa:5d:23:57:c3:6d:4d:
79:cf:3b:d6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzEkjlLF2pgsMjysBXGWHFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDE4NjNjYmRlYzFiNTk2ZGFjZWViOTAxYTA4NTNkNmM4
N2U3NTYwHhcNMjQwMTAxMTAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmQ3ZmQwYzQzNTcwOGI4OTBmMDA3MjU4YzRmZDlkYzliMTdjNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeyMnaHIN1FJuH0byJhHI4/q1g9G
94Q+c7HpVRg1OpSM9oCNeITJtVTrj2x0dF07KmM/pIY+44agAe0I8AF0EDjzkLdb
N63BVs9RBccd9CC6TaY4qUCh2twkRtJghWn2n8m4uepA0Ds+r6CP2ifzn4TdNviP
k73C27JcibP8KtFHJwoHTJsduYyhc58Apghy9CYphrEv2ATPznctQcL7H7M63vty
umsK4NnUjaq3G8Z4zi4/Dso3OZXFfusCDa+xNcRpL+V37+K98li20MHYAGunxLfR
/94id2Vs3gCpBECsbq33AuS1PdXaJoK9ra+8GqXEfbEL6bzxfiibBAzWIQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMbX/QxDVwi4kPAHJYxP2dybF8dZMB8GA1UdIwQY
MBaAFPrRhjy97BtZbazuuQGghT1sh+dWMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10R0dQTDNzRzFsdHJPNjVBYUNGUFd5SDUxWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYvZGRkYTdlLWEwMzctNGQzOC05NTU1
LTBhMTEwYzQ5NzQ5Yy8xL3h0ZjlERU5YQ0xpUThBY2xqRV9aM0pzWHgxay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGYvZGRkYTdlLWEwMzctNGQzOC05NTU1LTBhMTEwYzQ5NzQ5
Yy8xLzEtdEdHUEwzc0cxbHRyTzY1QWFDRlBXeUg1MVkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5nWww
DQYJKoZIhvcNAQELBQADggEBAIQiKGpl8zibLpGDUYrbBqPpzqUt0iSLA2HF+enr
hvj3IUMv5oeIbNa1F5Va6pxMcd+FgMf/aLZ2Ab/yC6cprbzJ+dCSuhUod4edpTJ4
t2PHNCfvYWrjtOJVDnRiU9XgipGJ8OR+Uip04+RocP27qDZX8qfol1/bVzYUT7aJ
Emf3nVnbQasxdLTk3Tt5wBGCAtF63NVn+5+gIF73eU8dP44O1qah0guA7VvXKnr4
HcG5fVIYf2mvEGJG8NK34/e9AbaGxNbZmBexPVsU0ppToqFqBFMVW2p2RYt6YgBr
2RvFgIsO7gDOh3do7QhRGOUrFtQ5tycwql0jV8NtTXnPO9Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:44 2024 by rpki-client on console-fra.rpki-client.org